(use-modules (gnu)
             (gnu system nss)
             (gnu system mapped-devices)
             (gnu services kerberos)
             (gnu services web)
             (gnu services databases)
             (guix store))

(use-service-modules networking ssh web kerberos mail admin mcron)

(use-package-modules admin emacs avahi certs tmux ssh linux disk code
                     version-control rsync guile web base ntp tls wget
                     package-management backup curl php pulseaudio)

(define %tlsdate-job
  #~(job (lambda (now)
           (next-day-from (next-hour-from now '(3))
                          '(2 5)))
         (string-append #$tlsdate "/bin/tlsdate -l -t")))

(define %certbot-job
  ;; Renew Let's Encrypt certificates twice a week.
  #~(job (lambda (now)
           (next-day-from (next-hour-from-now '(3))
                          '(2 5)))
         (string-append #$certbot "/bin/certbot renew")))


(operating-system
 (host-name "quercus.browniehive.net")
 (timezone "Europe/Oslo")
 (locale "en_US.UTF-8")

 (locale-libcs (list (specification->package "glibc") (canonical-package glibc)))

 ;; Message for users on login
 (issue "Quercus is a WORK IN PROGRESS. Expect instability\n")

 (hosts-file
    (plain-file "hosts"
                (string-append (local-host-aliases host-name)
                               %facebook-host-aliases)))

 (initrd-modules (append (list "uas" "usb-storage" "raid0" "raid1")
                         %base-initrd-modules))

 (initrd (lambda (file-systems . rest)
	   ;; Add a kernel module for RAID-0 (aka. "stripe")
           ;; and RAID-1 (aka. "mirror").
	   (apply base-initrd file-systems
		  #:extra-modules '("raid0" "raid1" "mdraid" "uas" "usb-storage")
		  rest)))

 ;;; Raid "10"
 ;; raid0 md127: sda1, sdb1, sde1
 ;; raid0 md126: sdc1, sdd1, sdf1
 ;; raid1 md125: raid-a raid-b

 (mapped-devices (list (mapped-device
			(source (list "/dev/disk/by-id/ata-SAMSUNG_HD103UJ_S13PJ90Q922364-part1" ; sda1
				      "/dev/disk/by-id/ata-SAMSUNG_HD204UI_S2H7J1CZC04866-part1" ; sdb1
				      "/dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N1NDU0C1-part1")) ; sde1
			(target "/dev/md127")
			(type raid-device-mapping))
		       (mapped-device
			(source (list "/dev/disk/by-id/ata-SAMSUNG_HD103UJ_484331GQ919757-part1" ; sdc1
				      "/dev/disk/by-id/ata-SAMSUNG_HD204UI_S2H7J1CZC04873-part1" ; sdd1
				      "/dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6AUF6LH-part1")) ; sdf1
			(target "/dev/md126")
			(type raid-device-mapping))
		       (mapped-device
			(source (list "/dev/md126" "/dev/md127"))
			(target "/dev/md125")
			(type raid-device-mapping))))

 (bootloader
  (bootloader-configuration
   (bootloader grub-bootloader)
   (target "/dev/disk/by-id/usb-Kingston_DT_microDuo_3.0_1C6F6581FDFCBEB0B9233C66-0:0")))

 (swap-devices '("/swapfile"))
 (file-systems (cons* (file-system
			(device (file-system-label "rootfs"))
			(mount-point "/boot")
                        (create-mount-point? #t)
			(type "ext4"))
		      (file-system
			(device "/dev/md125p1")
			(mount-point "/")
			(dependencies mapped-devices)
			(create-mount-point? #t)
			(type "ext4"))
		      %base-file-systems))

; (groups (cons*
 ;         (user-group
  ;         (name "web"))
   ;       %base-groups))

 (users (cons* (user-account
               (name "ton")
               (comment "Tonton")
               (group "users")
               (supplementary-groups '("wheel" ;"web"
                                       "audio" "video"))
               (home-directory "/home/ton")
               (create-home-directory? #f))

               (user-account
                (name "gmc")
                (comment "Gunn Marit")
                (group "users")
                (supplementary-groups '())
                (home-directory "/home/gmc")
                (create-home-directory? #f))

;               (user-account
 ;               (name "groovebasin")
  ;              (comment "Audio server")
   ;             (group "users")
    ;            (supplementary-groups '("audio"))
     ;           (home-directory "/home/groovebasin")
      ;          (create-home-directory? #t))

               %base-user-accounts))

 (packages (cons*
;            certbot
            wget
            curl
;            php
            iptables
            tcpdump
;            emacs-no-x
            openssh
            borg
            htop
            tmux
            tree
            nss-certs
	    mosh
	    mdadm
	    parted
	    smartmontools
	    the-silver-searcher
	    git
	    rsync
;            inotify-tools
            gnu-make
            stow
            nmap
;            pulsemixer
            %base-packages))

 (services
  (cons*
   (static-networking-service "eno1" "192.168.10.42"
                              #:gateway "192.168.10.1"
                              #:name-servers '("51.254.25.115"
                                               "193.183.98.66"
                                               "51.255.48.78"))
   (service openssh-service-type
            (openssh-configuration
             (port-number 22555)
             (password-authentication? #f)))

 ;  (service mail-aliases-service-type
;            '(("postmaster" "root")
;              ("root" "ton")
 ;             ("mailer-daemon" "postmaster")
  ;            ("nobody" "root")
   ;           ("hostmaster" "root")
    ;          ("usenet" "root")
;              ("news" "root")
 ;             ("webmaster" "root")
  ;            ("www" "root")
   ;           ("ftp" "root")
    ;          ("abuse" "root")
;              ("noc" "root")
 ;             ("security" "root")))
;;   (service opensmtpd-service-type
            ;;(opensmtpd-configuration
             ;;(config-file (local-file "./my-opensmtpd.conf"))))
;   (dovecot-service #:config
 ;                   (dovecot-configuration
  ;                   (mail-location "maildir:~/Maildir")))
                     ;;(protocol-configuration-list '("imap" "pop3" "lmtp"))
                     ;;(ssl-cert "/etc/mail.pragmatique.xyz.crt")
                     ;;(ssl-key "/etc//mail.pragmatique.xyz.key")))

   (service tor-service-type)
   (tor-hidden-service "quercus"
                       '((22555 "127.0.0.1:22555")))
   
   (service rottlog-service-type (rottlog-configuration))
;   (service mcron-service-type
 ;           (mcron-configuration
  ;           (jobs (list %tlsdate-job %certbot-job))))

;   (service httpd-service-type
 ;           (httpd-configuration
  ;           (config
   ;           (httpd-config-file
    ;           (server-name "quercus")
     ;          (document-root "/http/ampache")
;      ;         (modules (cons*
 ;                        (httpd-module
  ;                        (name "pdo_module")
   ;                       (file "modules/mod_pdo.so"))
    ;                     (httpd-module
     ;                     (name "pdo_mysql_module")
      ;                    (file "modules/mod_pdo_mysql.so"))
       ;                  (httpd-module
        ;                  (name "hash_module")
         ;                 (file "modules/mod_hash.so"))
          ;               (httpd-module
           ;               (name "session_module")
            ;              (file "modules/mod_session.so"))
             ;            (httpd-module
;                          (name "json_module")
 ;                         (file "modules/mod_json.so"))
  ;                       (httpd-module
   ;                       (name "simplexml_module")
    ;;                      (file "modules/mod_simplexml.so"))
      ;                   (httpd-module
       ;                   (name "curl_module")
        ;                  (file "modules/mod_curl.so"))
         ;                %default-httpd-modules))
;               (extra-config (list "\
 ;              <FilesMatch \\.php$>
  ;                 SetHandler \"proxy:unix:/var/run/php-fpm.sock|fcgi://localhost/\"
   ;            </FilesMatch>"))))))

;   (service php-fpm-service-type
 ;           (php-fpm-configuration
  ;           (socket "/var/run/php-fpm.sock")
   ;          (socket-group "httpd")))

;   (service mysql-service-type
 ;           (mysql-configuration
  ;           (port 3306)))

   (modify-services %base-services
                    
                    (guix-service-type config =>
                                       (guix-configuration
                                        (inherit config)
                                        (substitute-urls
                                         (cons*
                                          "https://ci.guix.info/"
                                          "https://berlin.guixsd.org"
                                          ;;"https://quercus.browniehive.net"
                                          %default-substitute-urls))
                                        (extra-options '("--max-jobs=3" "--cores=3"))))
                    )))

 (name-service-switch %mdns-host-lookup-nss)
)

